Software-Defined Networking (SDN)-based IPsec Flow Protection
University of Murcia
University of Murcia
University of Murcia
This document describes the use case for providing IPsec flow protection by means of a Software-Defined Network (SDN) controller and raises the requirements to support this service. It considers two main scenarios: (i) gateway-to-gateway and (ii) host-to-gateway (Road Warrior). For the gateway-to-gateway scenario, this document describes a mechanism to support the bootstrapping of key material between network resources to protect data traffic with IPsec and IKE, both in intra and inter-SDN cases. The host-to-gateway case defines a mechanism to bootstrap key material to protect data with IPsec between an end user's device and a gateway.